Distributed scalable policy based content management

ABSTRACT

A method for defining and constraining the behavior of a shared, mobile content management system is disclosed. The method includes providing an admin console for defining, modifying, and managing declarative policies. Declarative policies are defined based on an XML policy model. The XML policy model dictates the policies that can be expressed by the admin console. The defined declarative policies are enacted without requiring the content management system to be restarted, reconfigured, or re-implemented. An XML-based policy wizard definition language is provided to define policy wizards in the admin console that guide an administrator through the steps of creating and editing the policies. Additionally, at least one policy repository based on LDAP is provided. The at least one policy repository has an interface and is adapted to store a plurality of declarative policies. The policy repository has scalable and distributed capabilities.

FIELD OF THE INVENTION

The present invention relates generally to content management and, moreparticularly, to a system and method for managing content usingdeclarative policies.

BACKGROUND OF THE INVENTION

Today, the majority of digital content resides within computer basedfile systems. We use the file systems to manage our digital content byorganizing it, distributing it, and controlling access in much the sameway as filing cabinets manage paper-based content. Typically within anorganization, digital content may be distributed across many differenttypes of devices, linked by many different types of networks and thatcontent may be accessed and controlled by many different types of users,on many different types of devices, under many different types ofbusiness situations.

Content management systems are becoming increasingly complex in terms ofthe amount of content, the number of users, the number of differentdevices and locations from which content is provided and must bedistributed to, and the constant changing nature of business processesthat use content. Enterprise IT departments are challenged to providereliable, cost effective solutions that allow policies to be efficientlyand dynamically defined in a manner that content management systems canexecute in an efficient and scalable fashion. A well-implementedsolution would allow users to use policies to tailor the contentmanagement system to the specific needs of the individual users in amanner that does not require any structural changes to the underlyingsystem.

SUMMARY OF THE INVENTION

According to one embodiment of the present invention, a method fordefining and constraining the behavior of a shared, mobile contentmanagement system is disclosed. The method includes providing an adminconsole for defining, modifying, and managing declarative policies.Declarative policies are defined based on an XML policy model. The XMLpolicy model dictates the policies that can be expressed by the adminconsole. The defined declarative policies are enacted without requiringthe content management system to be restarted, reconfigured, orre-implemented. An XML-based policy wizard definition language isprovided to define policy wizards in the admin console that guide anadministrator through the steps of creating and editing the policies.Additionally, at least one policy repository based on LDAP is provided.The at least one policy repository has an interface and is adapted tostore a plurality of declarative policies. The policy repository hasscalable and distributed capabilities.

According to another embodiment of the present invention, a shared,mobile content management system is disclosed. The content managementsystem comprises an XML based declarative policy model for specifyingand editing content policies. The declarative policy model including adeclarative language of the form UPON <trigger> IF <condition> THEN<action>. A policy wizard for specifying: (a) new policies in a XMLrepresentation that captures a system <trigger> specifying when at leastone <condition> should be evaluated; (b) that the at least one<condition> must be true in order for the policy to be applied, and (c)at least one policy <action> that must be performed when the at leastone policy <condition> evaluates to true. A content management engine isadapted to evaluate the policies specified by the policy wizard.

According to another embodiment of the present invention, a contentmanagement system is disclosed. The content management system comprisesa policy repository for storing a plurality of policy definition filestherein. The policy definition files are written in a policy wizarddefinition language. An admin console automatically generates policywizard user interfaces based the policy definition files. The adminconsole is adapted to specify the policy wizard user interfaces in XMLas a sequence of steps that must be performed in a certain order. Thepolicy wizard user interfaces being capable of guiding a user throughthe sequence of steps to create a policy. The admin console can maplocal and distributed LDAP DNs, system defined triggers, externaltriggers, systems actions, external actions, system conditions, andexternal conditions to natural language expressions for presentation viathe generated policy wizard user interfaces.

The above summary of the present invention is not intended to representeach embodiment, or every aspect, of the present invention. Additionalfeatures and benefits of the present invention are apparent from thedetailed description, figures, and claims set forth below.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an illustration of a content management system located on anetwork, according to one embodiment of the present invention.

FIG. 2 is an architectural view of the content management system of FIG.1, according to one embodiment of the present invention.

FIG. 3 is a flowchart illustrating defining a policy by, and for use in,the content management system of FIG. 1, according to one embodiment ofthe present invention.

FIG. 4 is a flowchart illustrating the retrieval and evaluation of apolicy by a content management engine, according to one embodiment ofthe present invention.

FIG. 5 is a block diagram that illustrates a computer system upon whichembodiments of the invention may be implemented, according to oneembodiment of the present invention.

FIG. 6a is a flowchart illustrating a method utilized by a policy wizarduser interface to assist an administrator in creating a policy,according to one embodiment of the present invention.

FIG. 6b is a screen view of a policy wizard user interface, according toone embodiment of the present invention.

FIG. 6c is a screen view of the policy wizard user interface of FIG. 6b, according to one embodiment of the present invention.

FIG. 6d is a screen view of the policy wizard user interface of FIG. 6b, according to one embodiment of the present invention.

FIG. 6e is a screen view of the policy wizard user interface of FIG. 6b, according to one embodiment of the present invention.

While the invention is susceptible to various modifications andalternative forms, specific embodiments have been shown by way ofexample in the drawings and will be described in detail herein. Itshould be understood, however, that the invention is not intended to belimited to the particular forms disclosed. Rather, the invention is tocover all modifications, equivalents, and alternatives falling withinthe spirit and scope of the invention as defined by the appended claims.

DETAILED DESCRIPTION OF THE ILLUSTRATED EMBODIMENTS

Within an organization, digital content may be distributed across manydifferent types of devices, linked by many different types of networks.The content may be accessed and controlled by many different types ofusers, on many different types of devices, under many different types ofbusiness situations. To manage content under such circumstances, oneneeds to efficiently, securely and dynamically specify and execute thepolicies that define or constrain system actions in a context sensitivemanner. These policies may include everything from user preferences andprofiles to business rules for routing content, to administrationsettings for device and network capabilities. For example, a policymight specify that specific users or user groups should be notified whenspecific new content appears (from particular locations or particularusers) and that content should be automatically distributed to thedevices of those users at a particular time of day. The type ofnotification (e.g., SMS message, email, fax) and the form of the content(e.g., Excel file, plain text, URL) should also be able to be adjusteddepending on the user's preferences and the type of device that thecontent is being pushed to.

To execute such a policy, a content management system would need todiscover the relevant resources (e.g., available networks, availabledevices, content types, file system adapters, etc.), check thefeasibility of the resources (e.g., can the resources be configured toachieve the desired result taking into account security restrictions,bandwidth limitations etc.), identify content that is new (by monitoringthe source file systems), and distribute the content to the specifieddevices at the specified time. This would support both push and pulldistribution models. The trigger for publishing content to a user couldbe a regularly scheduled event, or a specific user request.Administrators could assign users to groups that receive such content,or a user could join a group receiving content through a user initiatedsubscription process.

In particular, the system should allow policy changes to be madedynamically while the system is running, and not require any scriptingor coding. The changes can be made by focusing on the business rules forcontent management not on the resource specific configuration (e.g.,networks, bandwidth, connectivity, devices, etc.) that produce theresult. Moreover, the system should allow these policies to be definedin a distributed fashion to support Internet Service Provider (ISP) andManaged Service Provider (MSP) models of management. For example, acentral body could set up the initial system and base level policies.But detailed policy rules could be added and administered by individualdepartments within an organization, or individual customers of an ISP orMSP.

ISP's provide basic network infrastructure for connecting organizationsto the Internet and connecting geographically dispersed employees andoffices within the organization. According to one embodiment, thepresent invention allows ISP's to flexibly enable more sophisticatedcontent sharing across the existing network. The ISP can define basiccontent management policies, but with a separate domain for eachorganization the ISP supports. The organization could then add their ownpolicies within the domain on top of the ISP policies already in place.

Turning now to the drawings and initially to FIG. 1, a contentmanagement system 10 is shown within a network 12, according to oneembodiment of the present invention. The content management system 10 isin electronic communication with the network 12. A plurality of systemsand devices are located on the network 12 including, for example, atleast one policy repository 14, at least one content store 16, and atleast one user device 18. As illustrated in FIG. 1, one or more contentstores may be located on a plurality of devices, such as, for example, adatabase or relational database 16 a, an ERP system (or othermanufacturing/business system) 16 b, a document or resource managementsystem 16 c, or a file system 16 d. The user devices 18 may be, forexample, a laptop computer 18 a, a cellular telephone 18 b, a PDA(either cradled or wireless) 18 c, or a smart phone 18 d. The contentmanagement system 10 allows a user on a user device 18 to access contentlocated in a content store 16, assuming the user has the properpermissions.

Referring now to FIG. 2, an architectural diagram showing theinteraction of components and actors within the content managementsystem 10 is illustrated, according to one embodiment of the presentinvention. The content management system 10 includes a contentmanagement engine 20, a policy repository 14, a content store 16, anadmin console 28, a policy model 32, and a policy wizard 36.

The content management engine 20 is policy based and provides a set ofactions for accessing and managing content—located on the content store16—that are specified, configured, and triggered by policies. Thesepolicies determine how the system should behave in response to externalrequests and internal events. The content management engine 20 isprovided with one or a plurality of policy filters and these filters canreside on a single server or across multiple servers in one or moresecurity domains. In the illustrated embodiment, a set of four policyfilters 40 a-d are provided with two filters 40 a-b being provided inparallel with another two filters 40 c-d.

The content management engine 20 includes fully-distributed, policydecision and enforcement based on a “pipe and filter” architecture. Asystem transactions processor 48 is included within the contentmanagement engine 20 as well. The system transactions processor 48requires that all system transactions pass through one or more of thepolicy filters 40 a-d that determine which, if any, policies apply tothe particular transaction. These filters 40 a-d represent the policydecision points (PDP) 44 a of the content management engine 20, whilethe system transactions processor 48 is the policy enforcement point(PEP) 44 b. These policy filters 40 a-d can search one or more local orremote policy repositories 14. Because all transactions pass through atleast one policy filter 40 a-d, it is not possible for a policy not tobe enforced by the content management system 10 if it is valid. Further,the pipe and filter architecture enables policy filters 40 a-d to beapplied serially, in either a distributed or local fashion, or inparallel, ensuring optimal system functionality as well as the abilityto enforce different policies in different locations by different systemadministrators. The content management engine 20 can be provided withone or a plurality of policy filters and these filters can reside on asingle server or across multiple servers in one or more securitydomains. In the illustrated embodiment, a set of four policy filters 40a-d are provided with two filters 40 a-b being provided in parallel withthe other two filters 40 c-d.

When a content request is made, for example, by a user on a device 18,the content management engine 20 retrieves the relevant policies fromthe policy repository 14. If one or more policies are found to apply,the content management engine 20 applies the appropriate policies sothat the desired behavior is obtained. The order of the policyevaluation is determined by the type of policy and resources involved(according to one embodiment the mechanism uses a policy filterarchitecture), as well as the manner that system transactions areprocessed.

At a PDP 44 a, a policy is evaluated by retrieving the policy objectfrom a policy repository 14, evaluating the condition attributes of thepolicy object by either evaluating an LDAP expression and/or byevaluating calls to system actions and evaluating the action attributeif the condition attributes evaluate to TRUE. If one or more policyactions conflict, a system error is generated.

Policies are evaluated, at the PDP 44 a, in one of two modes,outsourcing or provisioning. In the outsourcing mode, policy decisionsare made dynamically. This allows the policy to evaluate informationfrom multiple sources (such as the user's current device, and currentconnecting network). Alternatively, in the provisioning mode, the policyrules are compiled into specific configuration and policy parameters.For example, according to one embodiment of the present invention,security policies specified in the Extensible Markup Language (XML)declarative language are compiled into LDAP Access Control Instructions(ACI). The provisioning mode is more scalable than the outsourcing mode,but the provisioning mode is less dynamic. Both modes are used accordingto one implementation of the content management engine 20.

The content management engine 20 provides superior end user, network,and server/client performance in several different ways, including, butnot limited to, policy retrieval and server performance. Regardingpolicy retrieval, the policy schema representation enables the rapididentification and retrieval of the policies relevant to a particulartransaction. Policies within the policy repository 14 are indexed bysystem trigger(s) and condition(s). These indexes are mapped directly toLDAP domain names (DNs) and as a result can be rapidly retrieved from aLDAP registry.

Regarding server performance, the pipe and filter architecture employedby the content management engine 20 for policy decisions and enforcementenables the system to rapidly identify what policies apply to whichtransactions. Provisioning mode policy evaluation can be used to furtherimprove server performance when appropriate. When the filters aredeployed in serial, it is possible to enable different systemadministrators to apply different policies to the same transaction. Forexample, an enterprise might apply a security policy, while a contentdistributor might apply a notification policy.

The content management system 10 provides enforcement of system policiesby ensuring that every system transaction passes through one or morepolicy filter 40 a-d provided by the content management engine 20. Thisensures that a transaction cannot pass through the system 10 withoutbeing checked to comply with the various policies contained within thepolicy repository 14.

The policy repository 14 stores rich, user-friendly specifications ofpolicies in a form that is also efficient for retrieval and execution bythe content management engine 20. According to one embodiment, thepolicy repository 14 uses the LDAP protocol and directory for thestorage of system policies. The described policy repository 14 includesproprietary Content Management Policy LDAP Schema Classes, a scalable,high-speed policy indexing and retrieval algorithm, and a translator forconverting between the LDAP Schema Classes and the XML syntax used baseddeclarative policy language used for policy specification. The PolicySchema classes extend the core LDAP v 3.0 schema classes.

The policy repository 14 supports fully distributed policy decision andenforcement. Policies can be stored in a single, central policyrepository or in two or more distributed policy repositories. The policyrepository 14 can be any LDAP 3.0 directory such as Sun's SunOnedirectory server, or Microsoft's Active Directory product. Policies inthe policy repository 14 can be manipulated via the LDAP v 3.0 protocolsand a proprietary HTTP/XML based protocol. The policy repository 14 alsoenables policies to access information, and to be defined in terms ofinformation, distributed across multiple policy engine components aswell as external system components such as existing LDAP directories,databases, and software components. For example, a policy can be definedin terms of LDAP objects stored in a third-party directory and in termsof system calls to external software modules.

The admin console 28 is a graphical user interface (GUI) that allows auser to manage (add, modify, delete) policies as well as the systemactions and resources (users, content, external systems, devices) thatare referenced by policies. The admin console 28 includes a means forinstantiating policies (turning them on), turning policies off, deletingpolicies, and specifying access control policies to control policyutilization as well as policy specification and editing. The adminconsole 28 also provides the ability to specify priorities and linkrelated policies.

The admin console 28 includes a policy compiler/translator in bothdirections between the XML based declarative policy schema and theproprietary LDAP policy schema class extensions to LDAP v 3.0. Inaddition to translation, the admin console 28 also tests the consistencyof the policies—checking for conflicts. For example, if a new policy iscreated using the admin console 28, policy compilation and translationwill check to determine whether or not it conflicts with any existingpolicies.

The policy model 32 is XML based and defines the high levelrepresentation of policies, system actions, and resources which are thebasis of the content management engine 20. This is an intermediateformat from the GUI presented to the user in the admin console 28, andthe compiled optimized format that is stored in the policy repository 14and executed by the content management engine 20. The policy model 32 isan XML based declarative policy schema for specifying and describingpolicies. The policy schema describes policies in terms of theirtriggers, conditions, and actions.

The XML policy schema supports a number of different User Interface (UI)techniques for enabling end users to create, and modify policies. Inparticular, it supports the automatic generation of “policy wizards” 36in the admin console 28 based on a Policy Wizard Definition Languagethat can be used to guide an administrator to create a policy byfollowing one or more steps.

The policy wizards 36 are specified declaratively in XML. The policywizards 36 are then utilized by the content management engine 20 tocreate a policy wizard UI 220 (FIGS. 6b-e ). The policy wizard UI 220can then be used by the administrators or other authorized users tocreate different types of declarative policies for storage in the policyrepository 14. The admin console 28 guides an administrator or userthrough the definitions of policies by displaying on the GUI adynamically generated policy wizard UI 220 using an XML-based PolicyWizard Definition Language.

Generally, present systems use solutions such as rules engines and ruleseditors to create and maintain system policies. These solutions are verycomplex and require an intimate knowledge of the product to create andmaintain the policies. Though very flexible, these systems are complexand tend to overburden the end-user. Alternatively, the admin console 28of the present invention supports a wizard-based approach that enablesusers to create, edit, and modify policies, without coding, in a naturallanguage format.

When the content management engine 20 receives a content request from auser who wishes to access content from the content store 16 (as shown inFIG. 2), the request is first inspected by the policy filters 40 a-d todetermine which policies are relevant to the request. Policies areretrieved from the content management engine 20 and evaluated todetermine the sequence of actions that the engine 20 needs to take inresponse to the request. The system transaction processor 48 executesthe actions necessary to access the content in the content store (eitherto retrieve it or update it) and generate a response back to the user.In addition to the response, events associated with the actions aregenerated by the content management engine 20. These events can, inturn, be inspected by the policy filters 40 a-d and result in moresystem 10 actions. One of the actions that can be taken is to notifyusers of events that have occurred. For example, a notification could besent out to inform a user that content is available. These eventnotifications 50 may be sent out via external systems 52 in the form ofemails, SMS messages, faxes, etc.

The policy model 32 supports the expression of “publish and subscribe”policies related to the digital content, users, devices, networks andother resources that are managed by the content management engine 20.These policies can be interpreted as simple rules of the form “If somecondition exists, then take the following actions.” Together, policiesdefine the behavior of the content management engine 20 by configuring,constraining, and enabling the possible actions that the contentmanagement engine 20 is able to perform in response to requests andevents. Users can freely add and delete policies from the policyrepository 14 to affect behavior without requiring any scripting, codingor interruption of the services provided by the content managementengine 20. These policies can be used to precisely tailor systemfunctionality so that it can be quickly tailored to meet the diverseneeds of the system's users.

Moreover, the content management engine 20 can be distributed across anynumber of locations wherever content is located inside or outside anorganization's firewalls. It can also manage content that is inside oroutside an organization's firewalls. This is essential for MSP/ASPbusiness models, and for supporting mobile users who are on the roadoutside the office.

The content management engine 20 provides policy retrieval andevaluations, system transaction processing, and event notification tothe users of the content management system 10. Policy retrieval andevaluations are used to determine the behavior of the content managementengine 20 in response to requests, events, or other detectable trigger.The system transaction processor 48 performs the required actions in asecure and scalable fashion. Event notifications allows the contentmanagement engine 20 to trigger policies in response to monitored eventslike schedules and changed content, and to inform users andadministrators of its actions. For example, a notification could be sentout to inform a user that new content is available. These eventnotifications 50 may be sent out via external systems 52 in the form ofemails, SMS messages, faxes, etc.

In the preferred implementation of this mechanism policy retrieval andevaluation is based on a policy filter architecture to ensurescalability and facilitate the process of matching policies to requestsand events. Different policy filters can manage different types ofpolicies and configure different types of system resources. Depending onthe filter they can be run serially or in parallel to maximizethroughput and scalability.

FIG. 3 is a flowchart illustrating the creation of a policy by adeveloper and/or administrator utilizing the policy wizard 36 of theadmin console 28, according to one embodiment of the present invention.First, the policy wizard 36 is defined by an XML file written using thePolicy Wizard Definition Language (PWDL), at step 60. The policy wizard36 is generally written by a developer for later use by anadministrator. The administrator can then select the policy wizard 36,at step 62, in the admin console 28 to define a new policy. The newpolicy is defined, at step 64, by following a plurality of steps thatthe policy wizard 36 guides the administrator through. Once the wizard36 has been completed then the newly-defined policy is stored in thepolicy repository 14, at step 66. The system administrator can retrievestored policies, at step 66, and modify the policy, at step 67. Theadministrator may change any number of items by selecting, from theadmin console 28, the stored policy in the policy repository 14. Theadministrator can then re-proceed through the steps with the policywizard 36 as the guide. The modified policy may then be stored in therepository, at step 65. Once the system administrator is satisfied withthe policy it can be activated, at step 69, in the policy repository 14.At that point, the content management engine 20 will apply the policywhere appropriate using its policy retrieval and evaluation components44 a-b.

The policy schema representation is compliant with the Java Architecturefor XML binding (JaxB). In the preferred implementation for thismechanism, JaxB is used to allow a wizard engine to “read” wizarddefinition files to create an effective, easy to use user interfaces. Inthe current implementation, a tag embedded in the admin console 28parses the wizard definition files (policy wizards 36). This tag thenintelligently determines which step of the wizard the user is on, andprovides the user with the appropriate options to choose from. WhilePWDL is used to define—and automatically generate—wizards for creatingpolicies, PWDL can be applied in any situation where a complicated setof parameters must be assigned values by end users.

In the admin console 28, each policy is mapped to a number of definitionfiles generated by PWDL. The wizard definition files—generated inPWDL—each define a single policy wizard UI 220. These files are storedto enable future policy modification and editing, at steps 66-67, andare also translated into policies that are stored in the policyrepository 14.

The wizard definition files describe policy wizard details, such as, howmany steps does the wizard contain, what are the users prompts for eachstep, what are the options available in each step, what are theinterdependencies between options from one step to another, whatconditions may apply, which actions should this policy fire, etc.

The admin console 28 utilizes the wizard definition files toautomatically generate a policy wizard UI. The preferred instantiationof the wizard UI is a Web based UI, though this is not required for theinvention. The wizard definition files are easily extensible to enablethe addition of new policy wizard information such as might be requiredby different UIs.

In addition to describing wizard details, PDWL can record a user'schoices in a PWDL described wizard. By recording a user's choices, PWDLcan be used to edit or modify an existing policy with the originalchoices “pre-selected” in each step. In addition, PWDL can be used togenerate a natural language description of the policy in which theuser's choices are “highlighted” using a variety of techniques such as“color coding,” “bold type,” and “italic type.”

If the wizard definition language is ever modified, say by addingadditional policy wizard details, then all existing policies that havebeen generated using the language can be tested for validity against thenew PWDL schema. Since the wizard definition language is XML, it ishuman readable, enabling policies to be modified by directly editing theXML descriptions of the policies instead of using a policy wizard UI.Enabling direct editing of the XML descriptions maximizes the systemsflexibility—allowing users who are well-acquainted with policies tocreate and edit them without assistance from a developer.

According to one embodiment, the policy wizard 36 is designed to takeadvantage of the Java 2 Enterprise Edition (J2EE) framework, the ApacheStruts framework, the Apache Taglib framework, the JavaScriptprogramming language, and the Java Architecture for XML binding (JaxB)technology. The current implementation uses JaxB to convert the XMLdocuments that define the wizards into Java Objects. These Java objectsare referred to within an Apache Taglib tag embedded in a J2EE JSP. Theuser's choices are stored in the JSP using JavaScript, and processedusing a Action Handler from the Apache Struts framework.

The JSP page has JavaScript embedded in it for tracking the user'schoices while they are on a particular step. These choices are passed tothe Action Handler when the user requests to move to another step. TheJavaScript also populates the JSP Form with the choices the user hasmade when a policy is being edited. The policy wizard step tag allowsthe presentation layer of the admin console 28 to have an intimateknowledge of the Java Objects created by the JaxB compiler, withoutexposing them to the JSP designer. This design achieves a clearseparation between the presentation logic in the JSP and the wizardlogic that is in the PWDL tags. The tag reads the wizard definitionfile, and then writes the UI components required to the JSP. Whensubmitted, the user choices (passed in XML format) are converted to JavaObjects in the Action Handler using JaxB. The Action Handler then eithercreates a new policy object, or if the user is editing an existingpolicy, retrieves the policy from the LDAP policy repository andmodifies it. The policy is then stored in the policy repository 14.

Policies can be specified using conditional rules of the form:

IF some condition is true, THEN perform this action.

Using the admin console 28, a user with the appropriate systemprivileges, specifies the behavior of the content management engine 20by defining new policies (step 64) or modifying existing policies (step67). The language of the policies is defined by the policy model 32which defines the conditions and actions that are possible and, moreimportantly, the system resources that can be referenced when specifyingthe policies. According to one embodiment, the policy wizards 36 aredefined and the admin console 28 uses the wizards to guide a userthrough the possible choices for creating a policy.

Once the desired policies have been created, the administrator mayactivate them, at step 69. This has the affect of compiling the policyinto the policy repository 14 so that it can be retrieved and executedby the content management engine 20. When a policy is executed, thecontent management engine 20 provisions and configures the contentnetwork resources that are required to obtain the desired behavior. Forexample, if an administrator wishes to set up a content network thatenables the automatic distribution of digital content from a particularsupplier to a particular user at a particular time of day they mightspecify a policy of the form:

-   -   Whenever supplier X has new digital content, install that        content on user Y's device between 9 p.m. and 11 p.m. and notify        the user dynamically according to the method defined in their        user preferences (email, SMS, fax).

Underlying this relatively simple policy might be a variety of differentsystem resources. Each of these has to be configured so that the desiredresult is achieved. For example, security provisioning must ensure thatuser Y can access supplier X's content, the distribution system mustensure that the content can actually be installed on user Y's device,and the network that connects Y to the content must be adequate to thetask.

Once a policy has been activated, the content management engine 20automatically identifies when the policy should be executed. In otherwords, it identifies what “triggers” the policy's application. Sometimesthe policy triggers are internal to the content management engine 20 andsometimes they are external. In the previous example, the contentmanagement engine 20 may utilize an event notification sub-system 48(FIG. 2) that wakes up at specified times such as at 9 p.m.

Sometimes triggers result from user requests to the content managementengine 20. For example, a user with a PDA device requests a list of allthe content that they can consume. In response to the request, thepolicy engine retrieves the set of policies that are applicable to thecurrent user and their request and executes them, resulting in asequence of system actions, and possibly the triggering of other events.The retrieval and execution of policies is performed through the policyfilter framework that can flexibly control the order in which policiesare retrieved, evaluated, and executed depending on the types ofcontent, resources involved, and other factors like the time of day,current load, and network bandwidth.

Referring now to FIG. 4, a method for responding to a content request bythe content management engine 20 is illustrated, according to oneembodiment of the present invention. At step 70, a request for contentis made either by a user or when an event has occurred. The contentrequest is then received by the content management engine 20 (FIG. 2),at step 74. The filters 40 a-d (FIG. 2) of the content management engine20 then search the policy repository 14 to determine the relevantpolicies associated with the particular request and, at step 76, therelevant policies are retrieved by the content management engine 20.These policies are then evaluated, ate step 78, by the systemtransaction processor 48 (FIG. 2). The system transaction processor 48initiates one or more system transactions, at step 80, based on theevaluation of the policy in association with the content request. Forexample, the system transaction processor 48 may generate a contentresponse, as step 82, or an event notice, at step 84. The contentresponse generated at step 82 can then be communicated to a user device18 (FIG. 2), at step 86. Similarly, the event notice generated at step84 can then be communicated to a user device 18, at step 86, or to anexternal system, at step 88.

FIG. 5 is a block diagram that illustrates a computer system 100 uponwhich embodiments of the invention may be implemented. Computer system100 includes a bus 102 or other communication mechanism forcommunicating information, and a processor or processors 104 coupledwith bus 102 for processing information. Computer system 100 alsoincludes a main memory 106, such as a random access memory (RAM) orother dynamic storage device, coupled to bus 102 for storing informationand instructions to be executed by processor 104. Main memory 106 alsomay be used for storing temporary variables or other intermediateinformation during execution of instructions to be executed by processor104. Computer system 100 further includes a read only memory (ROM) 108or other static storage device coupled to bus 102 for storing staticinformation and instructions for processor 104. A storage device 110,such as, for example, a magnetic disk or optical disk, is provided andcoupled to bus 102 for storing information and instructions.

Computer system 100 may be coupled via bus 102 to a display 112, such asa cathode ray tube (CRT), liquid crystal display (LCD), or may be ahandheld active or passive display, for displaying information to acomputer user. An input device 114, including alphanumeric and otherkeys, is coupled to bus 102 for communicating information and commandselections to processor 104. Other user input devices include cursorcontrol 116 or microphone 117. Cursor control 116 may include one ormore of any number of devices, such as, for example, a mouse, atrackball, or cursor direction keys for communicating directioninformation and command selections to processor 104 and for controllingcursor movement on display 112. The cursor control 116 typically has twodegrees of freedom in two axes, a first axis (e.g., x) and a second axis(e.g., y), allowing the device to specify positions in a plane.

Execution of sequences of instructions contained in main memory 106causes processor 104 to perform the process steps described above. Oneor more processors in a multi-processing arrangement may also beemployed to execute the sequences of instructions contained in mainmemory 106. In alternative embodiments, hard-wired circuitry may be usedin place of or in combination with software instructions and it is to beunderstood that no specific combination of hardware circuitry andsoftware are required. Instructions may be provided in any number offorms such as source code, assembly code, object code, machine language,compressed or encrypted versions of the foregoing, and any and allequivalents thereof “Computer-readable medium” refers to any medium thatparticipates in providing instructions to processor 104 for executionand “program product” refers to such a computer-readable medium bearinga computer-executable program. The computer usable medium may bereferred to as “bearing” the instructions, which encompass all ways inwhich instructions are associated with a computer usable medium.Computer-readable mediums include, but are not limited to, non-volatilemedia, volatile media, and transmission media. Non-volatile mediainclude, for example, optical or magnetic disks, such as storage device110. Volatile media include dynamic memory, such as main memory 106.Transmission media include coaxial cables, copper wire and fiber optics,including the wires that comprise bus 102. Transmission media can alsotake the form of acoustic or light waves, such as those generated duringradio frequency (RF) and infrared (IR) data communications. Common formsof computer-readable media include, for example, a floppy disk, aflexible disk, hard disk, magnetic tape, any other magnetic medium, aCD-ROM, DVD, any other optical medium, punch cards, paper tape, anyother physical medium with patterns of holes, a RAM, a PROM, and EPROM,a FLASH-EPROM, any other memory chip or cartridge, a carrier wave asdescribed hereinafter, or any other medium from which a computer canread.

Various forms of computer readable media may be involved in carrying oneor more sequences of one or more instructions to processor 104 forexecution. For example, the instructions may initially be borne on amagnetic disk of a remote computer. The remote computer can load theinstructions into its dynamic memory and send the instructions over atelephone line using a modem. A modem local to computer system 100 canreceive the data on the telephone line and use an infrared transmitterto convert the data to an infrared signal. An infrared detector coupledto bus 102 can receive the data carried in the infrared signal and placethe data on bus 102. Bus 102 carries the data to main memory 106, fromwhich processor 104 retrieves and executes the instructions.Instructions received by main memory 106 may optionally be stored onstorage device 110 either before or after execution by processor 104.

Computer system 100 may also include a communication interface 118coupled to bus 102 to provide a two-way data communication coupling to anetwork link 120 connected to a local network 122. For example,communication interface 118 may be an integrated services digitalnetwork (ISDN) card or a modem to provide a data communicationconnection to a corresponding type of telephone line. As anotherexample, communication interface 118 may be a local area network (LAN)card to provide a data communication connection to a compatible LAN.Wireless links may also be implemented. In any such implementation,communication interface 118 sends and receives electrical,electromagnetic or optical signals that carry digital data streamsrepresenting various types of information.

Network link 120 typically provides data communication through one ormore networks to other data devices. For example, network link 120 mayprovide a connection through local network 122 to a host computer 124 orto data equipment operated by an Internet Service Provider (ISP) 126.ISP 126 in turn provides data communication services through theworldwide packet data communication network, now commonly referred to asthe “Internet” 128. Local network 122 and Internet 128 both useelectrical, electromagnetic or optical signals that carry digital datastreams. The signals through the various networks and the signals onnetwork link 120 and through communication interface 118, which carrythe digital data to and from computer system 100, are exemplary forms ofcarrier waves transporting the information. Thus the processing requiredby method of the invention described by way of example herein may beimplemented on a local computer utilizing storage device 110 or may beimplemented, for example, on a LAN or over the Internet.

Computer system 100 can send messages and receive data, includingprogram code, through the network(s), network link 120, andcommunication interface 118. In the Internet example, a server 130 mighttransmit a requested code for an application program through Internet128, ISP 126, local network 122 and communication interface 118. Inaccord with the invention, one such downloaded application provides fortransmitting an inspection procedure to an inspector at a remoteinspection data from a central computer and receiving, in the centralcomputer, information transmitted from the inspector at a remotelocation to permit processing of the inspection information by thecentral computer. The received code may be executed by processor 104 asit is received, and/or stored in storage device 110, or othernon-volatile storage for later execution. In this manner, computersystem 100 may obtain application code in the form of a carrier wave.

The policy model 32 (FIG. 2) utilized by the content management engine20 will now be more fully described. As discussed above, a contentmanagement policy is a high level statement of intentions. A policy isspecified as a conditional declarative statement of the form:

UPON <trigger> IF <condition> THEN <action>

The <action> is only performed if the <condition> statement logicallyevaluates to TRUE, when the system <trigger> exists.

A <trigger> may be any detectable event in the content management engine20 (FIG. 2). The trigger can be internal to the content managementengine 20 (e.g., created by some system component such as an eventnotifier) or external to the content management engine 20 (e.g., createdby a component external to the content management engine 20 such as acorporate Lightweight Directory Access Protocol directory). Triggers canalso be related to a user action, such as, requesting a new piece ofcontent or a system generated event, such as, a particular time and datebeing reached. The content management engine 20 currently exposes allavailable actions as triggers in the policy language. New systemtriggers are made available by exposing the required business logic orby exposing the Application Program Interface (API) calls to externalsystems.

A <condition> is usually represented as a disjunction (logical OR) ofexpressions about the current state of the content management engine 20.In other words, if at least one of the expressions is true, then the<condition> evaluates to true and the <action> will be performed. Eachexpression in the listed <condition> can be represented as either (1) awell-formed Lightweight Directory Access Protocol (LDAP) search string,or (2) a conjunction of logical predicates and/or propositions that mapto system defined methods (methods implemented in the business logic andexposed in the policy language) or standard mathematical methodssupported by the LDAP programming language (e.g., equals, greater than,less than, similar to, etc.). Each method can take as argumentsDistinguished Names (DNs) of objects in system accessible LDAPregistries such as the DN for a user profile or a particular deviceprofile. For example, a mathematical method “greater than” might take asarguments a constant “20” and a DN that maps to the maximum amount ofavailable memory on a particular device. When the mathematical method isevaluated it returns TRUE if the amount of available memory is greaterthan 20 and FALSE otherwise.

The <condition> is written as:

Expression1 or Expression2 or Expression3 or . . . or ExpressionN

such that “OR” is a logical or, and each Expression is written as:

Predicate1 and Predicate2 and Predicate3 and . . . and Predicatej

such that “AND” is a logical and. Alternatively, each Expression can bewritten as a well-formed LDAP search string that evaluates to the nullset if the result of the search is FALSE and the non-null set if theresult is TRUE. Each <condition> statement maps to a multi-valued LDAPobject attribute in a Policy object. Each C1 maps to one of the valuesof the multi-valued attribute. In LDAP, multi-valued attributes mapdirectly to disjunctions of the attribute values and evaluate to a nullset none of the attributes are TRUE or map to a non-empty set if one ormore of the attribute values are TRUE.

The <action> is represented as a conjunction of ACTIONS, such as:

A1 and A2 and . . . and AN

All A_(i) in <action> map to either (1) an API call supported by thecontent management engine 20, or (2) a well-formed LDAP string thatperforms a LDAP action upon a LDAP registry such as a deletion, aninsertion, or a modification. Within each <action> statement, theindividual actions A_(i) are ordered. That is, A1 is evaluated beforeA2, and so on.

The content management engine 20 distinguishes between two kinds ofpolicies, (1) those that persist throughout the life cycle of thesystem, or change very infrequently, and (2) those that are subject tofrequent change and only apply or are relevant for specific periods oftime. Persistent policies remain relevant for long periods of time.Persistent policies can be modified or deleted and are consideredrelevant if they exist as instantiated policies within the policysystem.

Alternatively, transient policies are relevant over a specific period oftime or between specific system triggers. Typically, the time period isrelatively short in duration and is terminated by a specific systemaction. An example of a transient policy in the content managementengine 20 is one, such as, “IF the user's device is connected on a802.11 network, THEN copy this item to that device.” In this example,the policy is not relevant until the user connects using a 802.11network. When the user does connect, the system generates the transientpolicy. The policy results in a specific piece of content being copiedto the user's device. Once the item has been copied, the policy is nolonger relevant and is either inactivated or deleted from the policyrepository 14.

The content management engine 20 utilizes transient policies as analternative to status flags to specify what system actions have to beperformed on system resources. For example, instead of setting a statusflag on an item (and specifying the system schema required to do so),the content management engine 20 instantiates transient policies thathave the same effect. Instead of setting a status flag on an item in auser profile that is interpreted as “this item is not currently on theuser's device and should be,” the content management engine 20 canspecify a transient policy that is applied when the relevant conditionsare met, such as, “the user's device is currently connected to theserver, so execute the policy.” Instead of searching through all thesystem resources for status flags, the content management engine 20 cansimply identify the relevant transient policy and evaluate it.

The content management engine 20 provides an extension to the LDAP v 3.0policy schema that enables it to represent policy specific information.Because the content management engine's 20 LDAP policy schema extendsthe LDAP standard, the policies can be stored on any LDAP v 3.0.compliant directory including Sun's SunOne directory server, andMicrosoft's Active Directory product.

As discussed above with respect to FIG. 2, the policy wizards 36 enableadministrators to specify different types of policy wizard filesdeclaratively using an XML-based PWDL. FIGS. 6a-e describe andillustrate the creation of policies utilizing a policy wizard UIgenerated by the admin console 28 from the policy wizard file created bythe policy wizard 36, according to some embodiments of the presentinvention.

A policy wizard UI 220 is a technique for enabling users to performcomplex tasks in which a number of parameters must be assigned values inorder for a system to behave appropriately. Typically, a wizardencapsulates a set of steps that a user must follow. These steps aregenerally ordered and each step can consist of one or more options.Wizards can be implemented in a number of different ways. Typically,they are hard coded by a system programmer utilizing some programminglanguage or web based representational format such as HTML. Thedifficultly with this approach is that it is relatively difficult tocreate “new wizards.” Each wizard requires a programmer to implement thedesired solution. The present invention, however, allows new wizards tobe created using the policy wizard 34. Thus, as will be described withrespect to FIGS. 8a-b , new wizards can be created without requiring anadministrator to hard code the desired solution.

FIGS. 6a-e will discuss the utilization of a policy wizard UI—generatedby the admin console 28—for allowing an administrator or user togenerate policies that the content management engine 20 can retrieve andevaluate from the policy repository 14.

Referring now to FIG. 6a , a method for defining a catalog policy isillustrated according to one embodiment of the present invention. Acatalog policy is a set of policies that apply to captured content itemsthat either: automate the notification of changes within the catalog viaemail or SMS; install new or modified items; or de-install items deletedfrom the catalog. At step 200, an event is specified to serve as a<trigger> for the policy. As illustrated in FIG. 6b , a policy wizard UI220 is shown that may be displayed on the UI of the admin console 28(FIG. 2). The policy wizard UI 220 includes a directory frame 224 and adefinition frame 228. The definition frame 228 is used by anadministrator to define the policy being created. As illustrated in FIG.6b , an administrator or user is provided four options to select a<trigger> from. The administrator may, for example, select “the additionof an item to a folder” as the <trigger> by choosing radio button 232 a.Alternatively, the administrator may select “the removal of an item fromthe folder” as the <trigger> by choosing radio button 232 b or “theupdate of a catalog item” may be selected as the <trigger> by choosingradio button 232 c. Further, the administrator may select “the binaryfile(s) associated with an item have been modified” as the <trigger> bychoosing radio button 232 d. When either of the first three radiobuttons 232 a-d are selected, the administrator can define the folder orfolders that the policy should apply by utilizing the folder sub-frame310. When the fourth radio button 232 d is selected, in this example,the administrator can define the item that the policy should apply withan item sub-frame similar to the folder sub-frame 310.

The folder sub-frame 310 includes a directory area 312 and definitionalarea 314. The definitional area 314 allows the administrator to selectfrom the available folders. Each available folder that can be monitoredis provided with a checkbox 318 that can be selected. The administrator,in the illustrated example, may select to monitor either or both of theadmin folder or the IT folder by selecting the corresponding checkbox318 a and/or 318 b, respectively.

The definition frame 228 is also provided with a “wizard summary” box236. The wizard summary box 236 may be used to display to theadministrator a natural language explanation of a policy utilizing theselected <trigger>, Once a <trigger> has been selected, theadministrator selects the “next” button 240 to move on to the next stepof the wizard.

Referring again to FIG. 6a , once the administrator has selected a<trigger>, at step 200, the administrator is then prompted to select oneor more <condition> for the chosen <trigger>. As illustrated in FIG. 6c, the administrator may select one or more <condition> by choosing froma plurality of checkboxes 242 a-b. Each checkbox 242 a-b represents a<condition> that may be associated with the <trigger> selected in step200, and multiple <conditions> can be assigned for each checkbox byutilizing the “keywords” sub-frame 320. The keywords sub-frame 320includes a “new keyword” field 324 and a “keyword list” box 328. Theadministrator can enter a specific keyword into the new-keyword field324 and then assign the entered keyword by selecting the “add keyword”button 332. The keyword-list box 328 contains a listing of all of theassigned keywords. An assigned keyword can be unassigned by selectingthe appropriate keyword and then selecting the “remove selected” button336.

After selecting one or more <condition> and assigning the desiredkeywords to each condition, the administrator can select the “next”button 240 to move on to the next step of the wizard or may select the“prey” button 244 to return to the previous step of the wizard. Theadministrator, thus, is able to set the conditions under which thepolicy is valid. The administrator can choose whether all of theselected conditions must be true (AND) by selecting radio button 245, orwhether any of the selected conditions apply (OR) by selecting radiobutton 246. As illustrated in FIG. 6c , the wizard-summary box 236provides a natural language description of the created policy to throughthis step to the administrator.

Turning once again to FIG. 6a , once the administrator has selected botha <trigger> and one or more <condition>, the administrator is promptedto select the <action> or outcome of the policy. The administrator mayalso specify the target users or groups of users for the selected<action>. As illustrated in FIG. 6d , the administrator may select oneor more <action> by choosing from a plurality of checkboxes 248 a-h.Similar to FIG. 6c , each checkbox 248 a-h represents an <action> thatmay be associated with the <trigger> selected in step 200. Afterselecting one or more <action>, the administrator can select the “next”button 240 to move on to the next step of the wizard or may select the“prey” button 244 to return to the previous step of the wizard.

If the administrator selects to use a custom e-mail template, an e-mailtemplate sub-frame 340 can prompt the administrator to create a customemail to be sent with the item, as illustrated in FIG. 6d . From thistemplate, the administrator can specify whether the e-mail shouldinclude or attach the content, or whether the content should be embeddedin or attached to the email—by selecting the corresponding radio button344 a-c. The administrator may also specify a subject for the e-mail byinserting the subject into a “subject” field 348. The administrator mayalso select a priority setting, such as, low, medium, or high, by usingthe drop-down menu bar 352. The administrator can additionally insert astandard message to be sent with the content by utilizing the “message”field 354.

Returning to FIG. 6a once more, the administrator is prompted to namethe newly-created policy, at step 212, so that it may be viewed and/oredited at a later time. As illustrated in FIG. 6e , the wizard promptsthe administrator to insert a name for the newly-defined policy into thefield box 252. If the specified policy name does not conflict with anearlier defined policy, the policy will be saved into the policyrepository 14. Alternatively, if the policy name does conflict, theadministrator is prompted to either rename the policy or over-write thepreviously-created policy. The wizard-summary box 236 enables theadministrator to determine the results of the policy by providing anatural language description of the policy to the administrator. Oncethe policy has been named and saved to the policy repository 14, theadministrator may select the “finish” button 256 to exit the wizard.

Referring again to FIG. 6a , the method may also be used to define alogging policy, according to another embodiment of the presentinvention. A logging policy is a set of policies that apply to thelogging of events in the system. Once the event occurs and conditionsmatched, an entry may be made in a log file or an email/SMS notificationsent to specified user(s).

The method of FIG. 6a may also be used to define a network policy,according to another embodiment of the present invention. The contentmanagement system 10 (FIGS. 1-2) provides a content distributionfunction that queues files pending user connection in response to one ormore of the following: (1) conditional policy actions; (2) administratorpush; and (3) requests by the user.

A given usage scenario may afford the user a choice of network servicesover time, from expensive, low bandwidth general packet radio services(GPRS) when they are on the road to “free,” high bandwidth LAN at theirdesk using a cradle. With choice comes the option to defer fulfillmentof a large, or low value file (or other content request) to a time whereit may be more effectively delivered. The content management engine 20can determine the network service where the connection is between theoptional client and server. On reconcile, the policy will identify thetype of connection and apply conditional tests to the user and contentto determine for each queued file whether it should be delivered orremain queued for later delivery.

Network policies, as described above, benefit both the administrator andthe end user. Administrators can enforce network policies to helpalleviate network usage during peak times (saving time and money), whileend users benefit because they do not have to endure long wait timeswhile the system attempts to install a large item.

According to one embodiment, the content management engine 20 utilizes apolicy to constrain fulfillment to the device based on a bestinterpretation of cost and value. This policy enforces a deliveryconstraint during the reconcile event on matching certain conditions. Insome embodiments, the constraint will be enacted on a per-item basis.The policy should be implemented for all items irrespective of the eventthat initiates the action—user self-installed, administrative push orpolicy. The network policy is triggered on reconcile or installation.

According to some embodiments, the network policy <trigger> is thedetection of a reconcile using a GRPS or 1× connection. Once this<trigger> is identified, the policy can be invoked. According to otherembodiments, the network policy <trigger> is the detection of WiFi orCradle/LAN connections. When one of the above <trigger> is recognizedthe content management engine 20 may test for one or more of thefollowing conditions: the content size; the content type; the item name;the time of day (so as to allow the administrators to constrain areconcile or install event to a specific time of day); and the day ofthe week

Where a user is self-installing an item but the network policy preventsfulfillment, this is likely to be interpreted as a system failure unlessa message is returned. Thus, the network policy may generate a responsefrom the content management system 10 (FIGS. 1-2) informing the userthat that the item cannot be fulfilled at this time.

According to one embodiment, the content management system 10 providesan XML based declarative policy model 32 for specifying and editingcontent policies. The policy model includes a declarative language ofthe form “UPON <trigger> IF <condition> THEN <action>.” The policy modelfurther includes the ability to specify new policies in a XMLrepresentation that captures the system trigger specifying when thepolicy conditions should be evaluated, the policy conditions that mustbe TRUE in order for the policy to be applied, and the policy actionsthat are performed when the policy conditions evaluate to TRUE. Thepolicy model further includes the ability to modify an existing policyvia a web based User Interface by editing the trigger(s), condition(s),or action(s).

According to one embodiment, the content management system 10 includes aweb based admin console 28 that enables a system administrator to reviewexisting policies contained within a policy repository 14, modify theexisting policies, create new policies, instantiate policies, disablepolicies, delete policies, archive policies, and import/export policies.

According to one embodiment, the admin console 28 can automaticallygenerate policy wizards 36 that a system administrator can utilize tocreate and modify policies. Policy wizards 36 are defined in XML formatbased on an XML wizard definition language called the Policy WizardDefinition Language. The policy wizards 36 specify a sequence of stepsthat the system administrator must perform in a specific order, as wellas the dependencies amongst steps (e.g., parameter X, in step Y, must bespecified before parameter A in Step B can be specified). The adminconsole 28 provides the ability to present the policy wizard 36 to theend user either via an HTML page displayed in a browser or via anapplication that parses the XML representation of the Wizard.

According to one embodiment, the content management system 10 includes ahigh-performance policy retrieval and evaluation component foridentifying, storing and retrieving policies from a policy repository14. The policy repository implements an index to enable high performanceretrieval using a tuple <TRIGGER, OPERATION, SUBJECT, OBJECT> such thateach item in the tuple maps to a system action, a LDAP DN, or a wildcard(an item specifying that the specific value of the item is notrequired). The policy retrieval and evaluation component supports wildcard parameters in the policy identification tuple if a particularparameter is irrelevant. A wild card parameter in a tuple is a “don'tcare” placeholder and will map to any parameter value. For example, anadministrator might wish to use a wild card in a policy that fires whenany user attempts to access the system or when any kind of device isused to access content. The policy repository 14 is able to translateany policy identification tuple into a LDAP DN that is used to index anindividual policy, or a set of policies if wildcards are present. Thepolicy repository can quickly retrieve all policies, based upon theirLDAP DNs that are relevant to a particular system <trigger> and set ofsystem <conditions>. The policy retrieval and evaluation component canstatically optimize the retrieval of relevant policies by ordering theelements of the policy identification tuple to improve systemperformance related to the retrieval of policy objects. The policyretrieval and evaluation component can dynamically optimize theretrieval of relevant policies by building a LDAP search tree thatindexes against any of the elements of the tuple with the appropriatedelimiters.

According to one embodiment, the policy repository 14 is implemented asa standard LDAP object schema. The LDAP object schema includes, but isnot limited to, a multi-valued condition object attribute, an orderedmulti-valued action object attribute, and A set of miscellaneous objectattributes. The multi-valued condition object attribute is configuredsuch that each value of the objects maps to a single condition in adisjunction of policy conditions, and each object attribute value can bea well-formed LDAP string or a call to a system implemented method. Theordered multi-valued action object attribute is configured such thateach value of the object maps to one action in a conjunction of policyactions, and each action is evaluated in order of appearance. The set ofmiscellaneous object attributes includes the common name of the policy,the owner of the policy, the description of the policy, the status ofthe policy, and the access rights associated with the policy.

According to one embodiment, the content management system 10 includes aLDAP accessible LDAP policy repository 14 for storing, and retrievingLDAP policy objects. The policy repository 14 includes a highperformance, secure, fully distributed, LDAP based policy repository,and for the ability to distribute LDAP policy objects across multiplephysical instances of LDAP directories.

According to one embodiment, the content management system 10 implementsa system transaction processing component that is able to replace systemstatus flags and pending system actions with transient policies (thatare processed by the policy retrieval and evaluation component). Systemresources are locked by instantiating a transient “locked” policy whenthe system resource needs to locked and turning off or deleting thetransient policy when the system no longer needs to be locked. “Checkin/check out” version control on digital content is supported byinstantiating transient “checked in” and “checked out” policies. If apiece of content must be “checked in and out” a system policy is createdstating this effect. When a user “checks out” a piece of digital contentthat has a “checked in and out policy” associated with it from a contentrepository, a transient policy is instantiated stating who the user is(using their LDAP user profile DN) and what device they have the contenton (using the device LDAP device profile DN). They also create anothertransient policy stating that the content cannot be accessed by anyoneelse (the locked policy). The policy is triggered on the “CHECK IN”action (e.g., when a piece of content is put back in the system). Whenthe policy is evaluated it first disables itself, and then disables thelocked policy so that some one else can check the content out.

According to one embodiment, the content management system 10 implementsan event notification component based on defining event notifications aspolicies (processed by the policy retrieval and evaluation component)that trigger actions to invoke external systems (email, SMS, fax, etc.)to deliver notifications. The event notification system represents eventnotifications as simple event policies specifying the desired systemtrigger, conditions, and actions, and it can be flexibly extended byadding additional notification devices such as fax notification, e-mailnotification, and voice notification, as policy actions.

According to one embodiment, the content management system 10 includes adistributed, highly efficient and scalable pass-through policy filterarchitecture for implementing policy decision points (PDPs) and policyenforcement points (PEP) that enables the detection and enforcement ofthe policies relevant to a any system transaction. The pass-throughpolicy filter architecture ensures that no system transaction can bypassthe PEP unless specifically configured by the system administrator. Thepass-through policy filter architecture provides scalable PDP and PEP byinstantiating multiple policy filters in parallel and load balancing thetransactions across them. The pass-through policy filter architectureprovides distributed PDP and PEP by instantiating policy filters indifferent locations improving system throughput and performance andsecurity. The pass-through policy filter architecture also enablesmultiple policies to be applied to the same transaction at differentlocations such that each location is in a different security domain andadministered by system administrators.

Examples of Policies

The policy “Send the group RnD an email notifying them of any new itemsin the Release Notes catalog” would be represented as:

-   -   tcocpolicy        -   uniqueIdentifier=123456789        -   tcPolicyType=Catalog        -   tcDisplayName=Release Note Catalog Update        -   tcActivityState=ACTIVE        -   tcPolicyEventType=WAREHOUSE_ITEM_ADDED        -   tcOCPolicyActionDN=uniqueIdentifier=abcdefg,        -   ou=Actions,ou=Policies,dc=mExperience        -   tcPolicyCondition=        -   com.truecontext.wasabi.business.catalog.Catalog.getCatalogID$=$tccatalo        -   gname=Release Notes, ou=catalogs, dc=mExperience        -   tcDisplayInfo=1,2,3, (based on UI requirements)    -   tcocemailaction        -   uniqueIdentifier=abcdefg        -   tcCommand=        -   com.truecontext.wasabi.business.misc.email.JMSMailHelper $            sendEmail        -   $ tcrecipient $ tcsubkect $ tcpayload $ tcsender $            tcpriority        -   tcPayload=A new item had been added to the        -   $com.truecontext.wasabi.business.catalog.Catalog.getCatalogName$.        -   tcPriority=Normal        -   tcRecipientUserDN=        -   tcRecipientGroupDN=cn=RnD, ou=Groups, dc=mExperience        -   tcSenderDN=uid=tc_sysop, ou=People, dc=mExperience    -   tcSubject=A new item has been added a a catalog.

While the present invention has been described with reference to one ormore particular embodiments, those skilled in the art will recognizethat many changes may be made thereto without departing from the spiritand scope of the present invention. Each of these embodiments andobvious variations thereof is contemplated as falling within the scopeof the claimed invention, which is set forth in the following claims.

1-26. (canceled)
 27. A distributed, scalable policy filter architecturefor a content management system comprising: a computer comprising aprocessor and a memory; a policy repository for storing a plurality ofpolicies stored in the memory, the policy repository comprising aninterface for allowing a content management engine run on the processorto retrieve the stored policies via a plurality of indexes of the storedpolicies, the indexes including a system trigger index and a conditionindex, each of the plurality of indexes being tied to a specific domainname in a directory; the content management engine comprising: aplurality of filters that act as policy decision points, the pluralityfilters retrieving the relevant policies from the policy repository, thefilters being adapted to retrieve and evaluate the policies via theinterface of the policy repository, the evaluation of the policies bythe plurality of filters to determine what system transactions arerequired in response to a content request; and the evaluation of thepolicies being performed in at least one of an outsourcing mode and aprovisioning mode; and a systems transactions processor that requiresevery content request to pass through the plurality of policy filtersbefore the request is processed.
 28. The policy filter architecture ofclaim 27, wherein the plurality of filters are instantiated in parallelto enable load balancing and increased throughput.
 29. The policy filterarchitecture of claim 28, wherein the plurality of filters aredistributed on a plurality of different machines.
 30. The policy filterarchitecture of claim 29, wherein multiple policies are applied to thesame transaction across a plurality of security domains, the pluralityof security domains being on the plurality of different machines. 31.The policy filter architecture of claim 28 wherein the outsourcing modeuses information from multiple sources to evaluate the policy.
 32. Thepolicy filter architecture of claim 31 wherein the multiple sourcesrelate to at least one of a user's device and a connecting network. 33.The policy filter architecture of claim 28 wherein the provisioning modeuses policy rules compiled into specific policy parameters to evaluatethe policy.
 34. A mobile content management system including a pluralityof transient mobile devices, the mobile content management systemadapted to generate internal transient policies, the system comprising:a computer comprising a processor and a memory; a mobile contentmanagement engine executed on the processor, the mobile contentmanagement engine generating internal transient policies in response toevents within or external from the system, the content management enginecomprising a system transactions processor and an event notificationcomponent, wherein the content management engine uses the generatedinternal transient policies to configure the behavior of the systemtransactions processor and the event notification component; and whereinthe content management engine supports version control on digitalcontent by instantiating transient policies which allows for a firstmobile device to access the digital content and stops other mobiledevices from accessing the digital content until the first mobile devicereturns the digital content.
 35. The content management system of claim34, wherein the content management engine supports the locking of thedigital content by instantiating a transient locked policy when thedigital content needs to be locked.
 36. The content management system ofclaim 35, wherein the transient locked policy is turned off or deletedwhen the system no longer requires locking.
 37. A mobile shared contentmanagement system comprising: a computer comprising a processor and amemory; a plurality of mobile devices having periodic communicationswithin the system within a network; a policy repository in the memory ofthe computer for storing a plurality of system policies; a contentmanagement engine running on the processor comprising: a plurality offilters that act as policy decision points, the filters retrievingpolicies from the policy repository and adapted to retrieve and evaluatethe policies of the policy repository, wherein the evaluation of thepolicies by the plurality of filters determine what system transactionsare required in response to a content request; and a systemstransactions processor that requires the content request to pass throughthe plurality of policy filters before the content request is processed;an interface for allowing the content management engine to run on theprocessor to retrieve stored policies via a plurality of indexes of thestored policies, the indexes including a system trigger index and acondition index, each of the plurality of indexes being tied to aspecific domain name in a directory; and a policy wizard user interfacein the memory of the computer, the policy wizard user interface incommunication with the plurality of mobile devices for guiding a userthrough a sequence of steps to create a policy, the sequence of stepscomprising: a system trigger specifying when at least one conditionshould be evaluated, and evaluating whether the at least one conditionis true in order for the policy to be applied.
 38. The mobile sharedcontent management system of claim 37, wherein the plurality of filtersare instantiated in parallel to enable load balancing and increasedthroughput.
 39. The mobile shared content management system of claim 38,wherein the plurality of filters are distributed on a plurality ofdifferent machines.
 40. The mobile shared content management system ofclaim 39, wherein multiple policies are applied to multiple systemstransactions across a plurality of security domains, the plurality ofsecurity domains being on a plurality of different machines.
 41. Themobile shared content management system of claim 37, wherein the contentmanagement engine further comprises a protocol for: discovering arelevant resource; checking the feasibility of the resource; identifyingcontent that is new; and distributing the content to the plurality ofmobile devices at a specified time.
 42. The mobile shared contentmanagement system of claim 41, wherein the relevant resource is selectedfrom an available network, available device, content type, and filesystem adapter.
 43. The mobile shared content management system of claim41, wherein the policy can be applied dynamically while the system isrunning.
 44. The mobile shared content management system of claim 41,wherein the policy repository uses an LDAP protocol and directory forstorage of system policies.